This summer, two students of Assistant Professor of Computer Science Scott Alfeld have been conducting research important to anyone who relies on computer technology: security. Mackenzie Stein ’19 has been on campus doing post-baccalaureate work, expanding her senior thesis into a paper for the Association for the Advancement of Artificial Intelligence. Quinten McElhiney ’22 has built a simplified computer, to better study what happens at the point of a cyberattack.
Alfeld’s primary interest as a researcher is located where machine learning and security intersect: he studies how a remote adversary can play havoc with systems, shutting them down or otherwise manipulating them for potentially nefarious ends. Looking at how these attacks work can help people predict future attacks and build less vulnerable learning systems.
“What Mackenzie is doing is very much my research focus, adversarial learning. What Quinten’s doing is more of a pet project,” Alfeld says.
McElhiney has spent the past few weeks as a Summer Science Undergraduate Research Fellow, working with Alfeld and fellow computer science professor Scott Kaplan. His project isn’t just an exercise in reconstructing an old-fashioned computer; his new creation is specifically designed to allow closer examination of the computer at work.
“It’s a pedagogical tool for understanding what happens in a computer at just the basic and simplest level,” McElhiney says. This would-be demo model is based on relays, electronic switches that open and close circuits, resulting in audible clicks and flashing lights announcing the results of formulas.
“There are no microchips, diodes, capacitors or other electronic components,” says Alfeld.
While the creation is a useful model for how modern computation is done, it could also allow researchers to explore some real-world security vulnerabilities.
“A chip manufacturer can secretly embed a sort of Trojan horse into its boards before they’re sold. The specific attacks we’re considering are timing-based, and Quinten’s work lets us analyze a simplified setting where the timescale is in milliseconds instead of nanoseconds,” Alfeld says.
Stein’s thesis, and would-be paper, grew out of a 2016 study in which Alfeld and colleagues took on the part of the attacker, and a 2017 study in which they delved into possible defenses. The work looked at time-specific data to predict future results.
“Imagine if you’re doing a futures market [study] and you’re looking at the price of corn to try to predict the future price of corn. You go to a bunch of farmers and you say, ‘Hey, what’s the crop been this year?’” Alfeld says. In such a case, a cyberattacker could bribe farmers to lie. One way to try and defeat this is to independently verify data from a sample of a specific day or two.
“What Mackenzie’s done is figured out a way to do that same defense method, but now in a continuous setting, so she has an infinite number of defense actions,” Alfeld says, “and where my old method would take literally forever because we’d have to try each one, hers can just figure out the best action given that infinite set.”
“Instead of just choosing one day, we choose a bunch of days and we'll restrict it a little bit,” she said. “So [attackers] can change it, but they can't change too much.”
“We just say, okay, we know it's going to be bad, the data is going to be manipulated, but how do we in our own actions prevent that bad data from having an impact on our predictions?”
How did Stein pull this off? She says simply, “It requires some complicated math.”